Quantum is coming; no IT use cases in sight

Quantum computers have the potential to process exponentially more data than conventional computers can, but today’s quantum computers are a long way from fulfilling on that potential—how long depends on who you ask and ranges from one to ten years or more. One thing that’s certain is that companies and nations around the world are investing billions and the technology is maturing apace.

CIO’s Eric Knorr sat down with Roger Grimes, data driven defense evangelist at the security training company KnowBe4 and author of Cryptography Apocalypse: Preparing for the Day When Quantum Computing Breaks Today’s Crypto, and Bob Lewis, a senior management and IT consultant, author, and contributing writer to CIO whose latest book is There’s No Such Thing as an IT Project: A Handbook for Intentional Business Change,at CIO’s recent Future of Data Summit to discuss the use of quantum computing in business and why security is the most pressing issue of the day.

What follows are edited excerpts of that lively conversation. To learn more, watch the full session embedded below.

On where quantum is today:

Eric Knorr: Are any quantum computers ready right now to solve any business problems or computing challenges?

Roger Grimes: Probably the easy answer to that is your wristwatch has more computing power than all of the quantum computers currently put together. There’s probably many hundreds of quantum computers today, if not going into the thousands, but they’re all pretty simple things—only a few might be around the 100 qubit mark. And so, so far, not all that powerful. But they’ve already demonstrated, even when they only had two qubits, that they were capable … of doing things that traditional computers could not do nearly in the same short amount of time.

Bob Lewis: I think the short answer is, I agree with Roger. No. There is a whole bunch of promises out there. And if you do a search for current applications of quantum computing, what you get are current promises of how great quantum computing is going to be. Right now, there’s nothing that a CIO can buy that’s useful that’s quantum based.

On quantum’s use in IT:

Bob: [T]here are a lot of important areas for companies to invest where quantum computing is going to be a big deal. But … the CIO is not the one who’s designing new pharmaceuticals. The CIO is not the one who’s designing new materials. That’s not where they live. They live in business process improvement. And I haven’t yet run across a use case that seems to be central to that.

Roger: I’d say IT is certainly interested in it from defensive capabilities, right, the threat of quantum computers. But let me say they’re actually most of them are not involved in that either. That’s one of the biggest projects I’m involved in just trying to educate people that hey, you should be aware.

But you know, this is also a big mistake that a lot of newbies make, like ‘Quantum computers, they’re gonna do all this great stuff.’ Quantum computers can solve some types of problems significantly faster, but they don’t just magically do everything faster…. [I]f you’re just trying to calculate most things that would be in the average IT shop or something like that, you don’t need quantum capabilities at all. In fact, it would probably be slower.

On capturing mindshare:

Eric: All the big clouds… there’s Amazon Braket, there’s Azure Quantum, and there’s Google’s Quantum Computing Service. Who’s using those and why? I mean, are people just playing with that stuff? Are they actually working towards specific applications?

Roger: A good way to put it is play, right, because we don’t have the magic term, ‘sufficiently capable quantum computers,’ but it is interesting that you can take certain types of problems, put it into those algorithms and go, ‘Oh, it was able to do something that I wasn’t able to do before, even though you don’t have them sufficiently powerful enough.’

Bob:

For the quantum computing as a service vendors, I think right now that what’s going on is an attempt to capture mindshare, much more than anything else. They need to be a player now because otherwise, you’re a bit player if you if you wait too long. To their credit, Microsoft, Google, IBM, Amazon, they are looking to the future. They’re investing now in the future, which is a refreshing change of pace from how a lot of American enterprises have approached strategic planning in the past. But it’s very much a playpen kind of environment right now.

On defending against quantum attacks:

Roger: Every single organization in the world is going to be in a massive Y2K project trying to defend against sufficiently capable quantum computers within the next two years, and nobody has it budgeted. It’s not on anybody’s list. And in the next two years, every company in the world will be drastically trying to update their encryption and digital signatures, and they don’t even know it. And it’s coming their way like a tidal wave.

Bob: [T]he biggest risk, I think, actually, in information security, is that every year a company doesn’t suffer a major break-in is another year the board of directors were will conclude that IT overstated the risk. I was being snide about this, but you might recall Y2K. And what happened after Y2K is that every IT organization in the world was slammed for faking the problem. And that was because IT was too good managing the remediation projects.

Roger: Y2K has become the definition of overreaction. Instead of hey, we actually successfully addressed a large problem globally before it became a big problem. Like literally the wrong lesson was learned.

Bob:

[S]ince quantum computing is going to be at the heart of future cryptography, I think it’s relevant to understand that the symbol of mistaking success for a con job is so well worth everybody’s attention, because you got to get the money to spend on this or none of the rest is gonna matter.